Need facl's Help
-
I have a question about facl's.
I performed the following steps in my lab:
- created a "/shared" folder to test my knowledge of facl's.
- placed three folders inside the "/shared" folder, reduced each folder's "other's" permission to be rx.
- created three groups, one group for each folder.
- added the users to each group.
- then applied a group to each folder with rw access.
My goal is to only allow members of a group to have rw permissions to their respective folders.
I need help with permission denied errors that occur when I login as the "Chloe" user and try to "touch test.txt" in the "Security" folder that I should have "rw" permissions to. I hope this makes sense. Can someone tell me what I am doing wrong?
\shared (chmod o+rx /shared)
\shared\Security (chmod o+rx Security)
\shared\Marketing (chmod o+rx Marketing)
\shared\Media (chmod o+rx Media)prashar@prashar-virtual-machine:/shared$ ls -als
total 20
4 drwxr-xr-x 5 root root 4096 May 23 10:45 .
4 drwxr-xr-x 21 root root 4096 May 22 12:43 ..
4 drwxr-xr-x+ 2 root root 4096 May 23 12:33 Marketing
4 drwxr-xr-x+ 2 root root 4096 May 23 10:44 Media
4 drwxr-xr-x+ 2 root root 4096 May 23 12:25 Security
prashar@prashar-virtual-machine:/shared$rashar@prashar-virtual-machine:/shared$ getfacl *
file: Marketing
owner: root
group: root
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:Marketing:rwx
default:mask::rwx
default:other::---file: Media
owner: root
group: root
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:Media:rwx
default:mask::rwx
default:other::---file: Security
owner: root
group: root
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:Security:rwx
default:mask::rwx
default:other::---prashar@prashar-virtual-machine:/shared$
STEP 1: CREATE GROUPS
sudo groupadd Security
sudo groupadd Marketing
sudo groupadd MediaSTEP 2: ADD USERS, HOME FOLDERS, COMMENTS, SET PASSWORDS, ADDED THEM TO THEIR RESPECTIVE GROUPS
sudo useradd hayley -m -c "Hayley lastname" --groups Security
sudo useradd chloe -m -c "Chloe lastname" --groups Security
sudo useradd jaslyn -m -c "Jaslyn lastname" --groups Marketing
sudo useradd hannah -m -c "Hannah lastname" --groups Mediasudo passwd chloe
sudo passwd jaslyn
sudo passwd hannah
sudo passwd hayleySTEP 3: MAKE FOLDERS TO ADD FACL'S TO
sudo: mkdir /shared
sudo cd /shared
mkdir Security
mkdir Marketing
mkdir MediaSTEP 4: TIGHTEN FOLDER SECURITY
sudo chmod o+rx Security
sudo chmod o+rx Marketing
sudo chmod o+rx Media
sudo chmod o+rx /sharedSTEP 5: ADD FACL'S
sudo setfacl -m d:g:Security:rw Security
sudo setfacl -m d:g:Media:rw Media
sudo setfacl -m d:g:Marketing:rw MarketingSTEP 6: SET SHELL FOR USER
sudo chsh chloe
sudo chsh jaslyn
sudo chsh hannah
set it to: /bin/bash -
Is this question not clear? I can clarify any part of it if it is not.
-
No need to respond as I will not be checking for updates. This form is clearly a weak part of the itpro.tv offering.